Microsoft Windows LoadImage API Function Integer Overflow Vulnerability

Microsoft Windows is prone to a remote integer-overflow vulnerability because it fails to properly ensure that user-supplied input doesn't overflow integer values. Attackers may exploit this issue to cause data to be copied past the end of a memory buffer.

This issue resides in the 'LoadImage' function of the USER32 library. An attacker can exploit this condition by sending a malformed file to a user. If the user opens this file, the integer overflow may occur. A successful attack would occur in the context of the vulnerable user and may allow the attacker to gain unauthorized access to an affected computer.

This vulnerability may be present in applications that import the vulnerable function. At the time of writing, it is not known whether third-party applications are affected by this vulnerability.


Privacy Statement
Copyright 2010, SecurityFocus